Mintlify Platform Server-Side Template Injection Vulnerability Allowing Remote Code Execution
Vulnerability
A Server-Side Template Injection (SSTI) vulnerability has been identified in the MDX Rendering Engine of the Mintlify Platform, affecting versions prior to November 15, 2025. A remote attacker who can supply an MDX file can execute arbitrary code by placing inline JSX expressions in it, because the engine evaluates those expressions during server-side rendering. Mintlify performs this server-side rendering to generate static pages, which is important for search engine optimization, so the untrusted expressions run with the privileges of the rendering process rather than in the reader's browser.
Impact
Exploitation of this vulnerability leads to unauthorized remote code execution on the server where the affected Mintlify application is hosted.
Reproduction
The vulnerability can be reproduced by uploading an MDX file containing a JSX expression that executes JavaScript code, such as a fetch request to an attacker-controlled host, and then accessing the page where the MDX file is rendered. Loading the page triggers execution of the injected code on the server; an outbound request that originates from the rendering host rather than from the visitor's browser confirms that the expression was evaluated server-side.
Remediation
Users have been notified that the vulnerability has been patched: the server-side renderer no longer parses non-simple MDX expressions, while such expressions are still processed on the client side. Operators running a version from before the patch date should treat any MDX that can be uploaded by untrusted parties as code that runs on the rendering host.
